/*
 * Copyright 2010 Assert Developments
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

package be.ad.coffeebreak.services;

import be.ad.coffeebreak.domain.User;
import be.ad.coffeebreak.exceptions.DaoException;
import be.ad.coffeebreak.exceptions.EmailAlreadyInUseException;
import be.ad.coffeebreak.exceptions.ValidationException;

/**
 * A service for managing security.
 *
 * @author Stefan Bangels
 */
public interface SecurityService {

    /**
     * Find a user given its email address and password.  When no match is found, null is returned.
     *
     * @param email    the email address
     * @param password the password
     * @return the user, or null when no match is found
     * @throws IllegalArgumentException when the email or password are null
     * @throws DaoException             when there's a problem accessing the data
     */
    User authenticateUser(String email, String password);

    /**
     * Create or update a user.  When the email address is already in use by another user, an
     * EmailAlreadyInUseException will be thrown.  However, this check is not fully thread safe:  when two users are
     * trying to change to the same email address, at the same time, a DaoException will be thrown containing a unique
     * constraint sql exception, instead of an EmailAlreadyInUseException.
     *
     * @param user the user to create or update
     * @return the created or updated user
     * @throws IllegalArgumentException   when the user is null
     * @throws ValidationException        when the provided user is invalid
     * @throws EmailAlreadyInUseException when the email address is already owned by another user
     * @throws DaoException               when there's a problem accessing the data
     */
    User saveUser(User user) throws EmailAlreadyInUseException, ValidationException;

    /**
     * Change the password of a user that owns the provided email address.
     *
     * @param email       the email address
     * @param newPassword the new password
     * @throws IllegalArgumentException when the email address or the new password are null
     * @throws ValidationException      when the new password is invalid
     * @throws DaoException             when there's a problem accessing the data
     */
    void changePassword(String email, String newPassword) throws ValidationException;

    /**
     * Delete the user that owns the provided email address.
     *
     * @param email the email address
     * @throws IllegalArgumentException when the email address is null
     * @throws DaoException             when there's a problem accessing the data
     */
    void deleteUser(String email);

}
